-
python-imaging (1.1.7-4ubuntu0.12.04.3) precise-security; urgency=medium
* SECURITY UPDATE: information disclosure via crafted image
- map.c: add overflow checks.
- CVE-2016-9189
* SECURITY UPDATE: code execution via crafted image
- libImaging/Storage.c: add size check.
- CVE-2016-9190
* SECURITY-UPDATE: potential PNG decompression DOS
- PIL/PngImagePlugin.py: rename len variables as length and limit size.
- CVE-2014-9601
-- Marc Deslauriers <email address hidden> Fri, 10 Mar 2017 08:50:53 -0500
-
python-imaging (1.1.7-4ubuntu0.12.04.2) precise-security; urgency=medium
* SECURITY UPDATE: Fixes for buffer overflows
- PIL/IcnsImagePlugin.py, libImaging/PcdDecode.c, libImaging/FliDecode.c
- CVE-2016-0775
- CVE-2016-2533
- CVE-2014-3596
- Kudos to Andrew Drake and Eric Soroos for discovering these issues.
-- Emily Ratliff <email address hidden> Fri, 09 Sep 2016 14:45:49 -0500
-
python-imaging (1.1.7-4ubuntu0.12.04.1) precise-security; urgency=medium
* SECURITY UPDATE: insecure use of temporary files
- PIL/EpsImagePlugin.py, PIL/Image.py, PIL/IptcImagePlugin.py,
PIL/JpegImagePlugin.py: use tempfile.mkstemp().
- https://github.com/wiredfool/Pillow/commit/1e331e3e6a40141ca8eee4f5da9f74e895423b66
- CVE-2014-1932
- CVE-2014-1933
-- Marc Deslauriers <email address hidden> Mon, 31 Mar 2014 10:25:50 -0400
-
python-imaging (1.1.7-4) unstable; urgency=low
* Add multiarch search directories as given by dpkg-architecture. This re-enables support for: tkinter, jpeg, zlib, freetype2, and littlecms (Marc Tardif, Barry Warsaw). LP: #806661. Closes: #632962, #632180. * Build using libjpeg8. -- Matthias Klose <email address hidden> Sat, 09 Jul 2011 11:56:15 +0200
-
python-imaging (1.1.7-3ubuntu1) oneiric; urgency=low
* debian/patches/01_multiarch_support.patch
- Add multiarch search directories as given by dpkg-architecture.
This re-enables support for: tkinter, jpeg, zlib, freetype2, and
littlecms. Problem found and patch inspired by Marc Tardif (cr3).
(LP: #806661)
-- Barry Warsaw <email address hidden> Thu, 07 Jul 2011 08:08:10 -0400
